Max CVSS 7.5 Min CVSS 1.5 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2004-0005 7.5
Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) octal encoding in yahoo_decode that causes a null byte to be written beyond the buffer, (2) octal encoding in yahoo
16-02-2024 - 20:47 03-03-2004 - 05:00
CVE-2018-8905 6.8
In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps.
01-03-2023 - 17:13 22-03-2018 - 04:29
CVE-2018-3174 1.9
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows
06-12-2022 - 21:33 17-10-2018 - 01:31
CVE-2018-2771 3.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged a
29-11-2022 - 03:04 19-04-2018 - 02:29
CVE-2018-3282 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability
08-11-2022 - 19:32 17-10-2018 - 01:31
CVE-2017-10268 1.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high pr
29-09-2022 - 16:45 19-10-2017 - 17:29
CVE-2018-2767 3.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows low
21-09-2022 - 19:57 18-07-2018 - 13:29
CVE-2018-3066 4.9
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows high privileged a
29-08-2022 - 20:52 18-07-2018 - 13:29
CVE-2018-2813 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker
29-08-2022 - 20:52 19-04-2018 - 02:29
CVE-2018-3058 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with
29-08-2022 - 20:52 18-07-2018 - 13:29
CVE-2018-0735 4.3
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in Ope
29-08-2022 - 20:41 29-10-2018 - 13:29
CVE-2018-0734 4.3
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.
29-08-2022 - 20:41 30-10-2018 - 12:29
CVE-2018-16841 4.0
Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. When configured to accept smart-card authentication, Samba's KDC will call talloc_free() twice on the same memory if the principal in a validl
29-08-2022 - 20:04 28-11-2018 - 14:29
CVE-2018-16851 4.0
Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service. During the processing of an LDAP search before Samba's AD DC returns the LDAP entries to the client, the entries are cached in a single memory obj
29-08-2022 - 20:03 28-11-2018 - 14:29
CVE-2018-2781 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged a
19-08-2022 - 09:41 19-04-2018 - 02:29
CVE-2018-3063 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.60 and prior. Easily exploitable vulnerability allows high privileged attacker with network access
19-08-2022 - 09:38 18-07-2018 - 13:29
CVE-2018-0732 5.0
During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime result
16-08-2022 - 13:00 12-06-2018 - 13:29
CVE-2018-3081 4.9
Vulnerability in the MySQL Client component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Difficult to exploit vulnerability allows
04-08-2022 - 19:58 18-07-2018 - 13:29
CVE-2018-2761 4.3
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated a
04-08-2022 - 19:50 19-04-2018 - 02:29
CVE-2018-3251 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with
04-08-2022 - 19:34 17-10-2018 - 01:31
CVE-2018-3156 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with
04-08-2022 - 19:33 17-10-2018 - 01:31
CVE-2018-3143 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with
04-08-2022 - 19:31 17-10-2018 - 01:31
CVE-2018-2819 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with
01-08-2022 - 15:42 19-04-2018 - 02:29
CVE-2018-2817 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker
01-08-2022 - 15:28 19-04-2018 - 02:29
CVE-2018-2782 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access vi
01-08-2022 - 15:11 19-04-2018 - 02:29
CVE-2018-2784 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access vi
01-08-2022 - 15:00 19-04-2018 - 02:29
CVE-2017-10378 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.11 and earlier. Easily exploitable vulnerability allows low privile
19-07-2022 - 17:12 19-10-2017 - 17:29
CVE-2018-2755 3.7
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticat
19-07-2022 - 17:02 19-04-2018 - 02:29
CVE-2018-2766 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access v
19-07-2022 - 16:40 19-04-2018 - 02:29
CVE-2018-3064 5.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with
18-07-2022 - 18:55 18-07-2018 - 13:29
CVE-2018-2668 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged at
18-07-2022 - 17:46 18-01-2018 - 02:29
CVE-2018-2665 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged at
18-07-2022 - 17:45 18-01-2018 - 02:29
CVE-2018-2640 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged at
18-07-2022 - 17:43 18-01-2018 - 02:29
CVE-2018-2622 6.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker
18-07-2022 - 17:42 18-01-2018 - 02:29
CVE-2018-2787 5.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access v
13-07-2022 - 14:10 19-04-2018 - 02:29
CVE-2018-2562 7.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged a
01-07-2022 - 14:13 18-01-2018 - 02:29
CVE-2018-2612 7.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access v
01-07-2022 - 14:12 18-01-2018 - 02:29
CVE-2018-4013 7.5
An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker
07-06-2022 - 17:21 19-10-2018 - 13:29
CVE-2018-19206 4.3
steps/mail/func.inc in Roundcube before 1.3.8 has XSS via crafted use of <svg><style>, as demonstrated by an onload attribute in a BODY element, within an HTML attachment.
10-03-2022 - 14:33 12-11-2018 - 17:29
CVE-2018-0737 4.3
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixe
20-07-2021 - 23:15 16-04-2018 - 18:29
CVE-2018-18557 6.8
LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignorin
05-03-2021 - 18:15 22-10-2018 - 16:29
CVE-2018-7456 4.3
A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.
29-01-2021 - 20:15 24-02-2018 - 06:29
CVE-2018-5407 1.9
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
18-09-2020 - 16:58 15-11-2018 - 21:29
CVE-2018-16335 6.8
newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIF
24-08-2020 - 17:37 02-09-2018 - 03:29
CVE-2018-15209 6.8
ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated
24-08-2020 - 17:37 08-08-2018 - 04:29
CVE-2018-18311 7.5
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
24-08-2020 - 17:37 07-12-2018 - 21:29
CVE-2018-18312 7.5
Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
15-07-2020 - 03:15 05-12-2018 - 22:29
CVE-2018-18313 6.4
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.
15-07-2020 - 03:15 07-12-2018 - 21:29
CVE-2018-18314 7.5
Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
15-07-2020 - 03:15 07-12-2018 - 21:29
CVE-2018-14629 4.0
A denial of service vulnerability was discovered in Samba's LDAP server before versions 4.7.12, 4.8.7, and 4.9.3. A CNAME loop could lead to infinite recursion in the server. An unprivileged local attacker could create such an entry, leading to denia
09-10-2019 - 23:35 28-11-2018 - 14:29
CVE-2018-19409 7.5
An issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams is not checked correctly if another device is used.
03-10-2019 - 00:03 21-11-2018 - 16:29
CVE-2018-19475 6.8
psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same.
03-10-2019 - 00:03 23-11-2018 - 05:29
CVE-2018-10963 4.3
The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726.
03-10-2019 - 00:03 10-05-2018 - 02:29
CVE-2017-15365 6.5
sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions an
03-10-2019 - 00:03 25-01-2018 - 16:29
CVE-2018-19477 6.8
psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion.
25-04-2019 - 13:07 23-11-2018 - 05:29
CVE-2018-19476 6.8
psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion.
25-04-2019 - 13:07 23-11-2018 - 05:29
CVE-2018-5784 4.3
In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. This occurs because the declared nu
22-04-2019 - 16:19 19-01-2018 - 08:29
CVE-2018-17101 6.8
An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.
21-03-2019 - 16:00 16-09-2018 - 21:29
CVE-2017-17095 6.8
tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file.
01-12-2018 - 11:29 02-12-2017 - 06:29
CVE-2017-11613 4.3
In LibTIFF 4.0.8, there is a denial of service vulnerability in the TIFFOpen function. A crafted input will lead to a denial of service attack. During the TIFFOpen process, td_imagelength is not checked. The value of td_imagelength can be directly co
01-12-2018 - 11:29 26-07-2017 - 08:29
CVE-2004-0006 7.5
Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yah
11-10-2017 - 01:29 03-03-2004 - 05:00
CVE-2004-0007 7.5
Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
11-10-2017 - 01:29 03-03-2004 - 05:00
CVE-2004-0008 7.5
Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow.
11-10-2017 - 01:29 03-03-2004 - 05:00
Back to Top Mark selected
Back to Top